Improper Authorization Vulnerability in McAfee Data Loss Prevention (DLP) ePO Extension Prior to 11.5.3

Improper Authorization Vulnerability in McAfee Data Loss Prevention (DLP) ePO Extension Prior to 11.5.3

CVE-2020-7300 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Improper Authorization vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attackers to change the configuration when logged in with view only privileges via carefully constructed HTTP post messages.

Learn more about our Web Application Penetration Testing UK.